<?php
	//Authentication
	if(!defined('LOGIN_SERVICE')){
		$url="../Index.php";
		include_once '../Tool/Common/Redirect.php';
		exit();
	}

	define('CONFIG_FILE',true);
    include '../config.php';
    
	define('DB_FILE',true);
	require_once '../Tool/DB/SqlDBManager.class.php';
	require_once '../Tool/Common/PasswordHash.php';
	require_once '../Classes/User.class.php';
	
	class LoginService{

		//User authentication
		public function checkUser($username,$password){
			//create SqlDBManager object
			$sqlDBManager = new SqlDBManager();

			$sql="Select Password from user where Username=?";
			$parameters = array($username);
						
			//get Password result
			$res=$sqlDBManager->queryRow($sql,$parameters);

			if(!empty($res)){
				$res=validate_password($password,$res['Password']);
				if($res===TRUE){
					$sql="Select * from user where Username=?";
					$parameters = array($username);
					
					//get Password result
					$res=$sqlDBManager->queryRow($sql,$parameters);		

					$user = new User();
					$user ->setUserName($res['Username']);
					$user ->setPwd($res['Password']);
					$user ->setUserType($res['UserType']);
					$user ->setStaffName($res['StaffName']);
					$user ->setCentreID($res['CentreId']);
					$user ->setContactNo($res['ContactNumber']);
					$user ->setEmail($res['Email']);
					return $user; //user exists
				}else{
					return "";  //indicates wrong ID or password	
				}
			}else{
				return "";
			}

			//close connection
			$sqlDBManager->close_connect();		
		}

		//Retrieve User 
		public function RetrieveUserInfo($username){		
			//create SqlDBManager object
			$sqlDBManager = new SqlDBManager();	
		}
		
		//Retrieve Centre Name
		public function RetrieveCentreNameByUsername($username){			
			$sql="Select centre.CentreName from user, centre where user.CentreId = centre.CentreId and user.Username = ?";
			$parameters = array($username);
			//create SqlDBManager object
			$sqlDBManager = new SqlDBManager();
			
			//get result
			$res=$sqlDBManager->queryRow($sql,$parameters);

			if(!empty($res)){
				
				return $res['CentreName']; // indicates user exists
			}
			
			//close connection
			$sqlDBManager->close_connect();
				
			return "";  //indicates wrong ID or password
		}

	}
?>